Data Breach Situations Can Leave Corporations Unprepared

September 30, 2014

Data Breach Response Plans Still Lacking In Organizations

Posted by Heidi Schwartz

Experian Data Breach Resolution has released a new study with the Ponemon Institute on data breach preparedness. The second annual study, Is Your Company Ready for a Big Data Breach?, found that executives are concerned about the effectiveness of their data breach response, although they have failed to take the basic steps to be prepared.

Click this link to access the full report, Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness (Photo: PRNewsFoto/Experian).

“While more organizations have data breach preparedness on their radar and have developed a response plan, a majority of companies are not putting the support and resources behind having it truly be effective,” said Michael Bruemmer, vice president, Experian Data Breach Resolution. “A checklist response plan alone doesn’t mean you’re prepared. There should be an incident response team in place that practices the plan and ongoing investment from the C-suite to ensure technologies are up-to-date, external breach experts are secured, and selection of an identity protection product for affected customers is determined prior to an incident to ensure a quick and smooth response.”

Key findings from the study include:

Companies understand the importance of data breach preparedness. With data breaches making headlines the world over, awareness for data security is at an all-time high and more companies are preparing with a data breach response plan.

Data breaches are becoming ubiquitous with almost half (43%) of organizations surveyed having suffered at least one security incident, up 10% from 2013.

As a result, more companies have a data breach response plan in place (73%), up 12% from 2013.

Confidence amongst senior executives to manage a data breach remains low. Despite increased security investment and having incident response plans in place, when asked in detail about the preparedness of their organization, survey respondents were not confident in how they would handle a major issue.

Sixty-eight percent of respondents felt unprepared to respond to a data breach.

Most haven’t or don’t regularly update their plan (78%) to account for changes in threats or as processes at a company change.

Concerns are not just operational. Many companies were more concerned about threats being harder to manage for IT security teams.

Executives recognize what needs to happen to improve their incident response. The vast majority of executives (70%) surveyed want more oversight and participation from board members, chairman, and CEO for data breach preparedness.

Seventy-seven percent suggested more fire drills to practice data breach response would help them be more prepared.

Respondents ranked identity theft protection products and access to a call center as the two most important services a company should provide customers following a breach.

Sixty-nine percent indicated additional funding as a major need to improve response activity.

“Compared to last year’s study results, survey findings show encouraging signs that organizations are beginning to prioritize data breach prevention better, but more needs to be done,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “Companies should be careful of not becoming complacent because they have a response plan in place or just completed a security audit. Preparedness requires ongoing maintenance and diligence.”

Featured Video

Powered by highly advanced encryption and a software-based infrastructure, Seos secures trusted identities on any form factor and can be extended for applications beyond physical access control. Learn more at hidglobal.com/seos.

The company will expand its Nashville area operations for the second time in two years, creating 2,010 new jobs in the process. - Read: SmileDirectClub Investing $217M To Expand Middle Tennessee HQ at BusinessFacilities.com.

Employees have been offered a position when they were underqualified most frequently in Charlotte, San Diego, Austin and Washington, DC, according to a new Robert Half survey. - Read: Companies Willing To Train Job Applicants Who Don’t Meet Requirements at BusinessFacilities.com.

Knowledge Channels

Join 25,000+ Subscribers & Get the latest from Facility Executive!

Facility Executive is your one-stop source for information on quality operation, design and maintenance of facilities. Facility Executive offers a shared community of facility management experts who explore and analyze issues that affect your facility and its environment.

Facility Executive is a specialized trade publication written and edited for corporate facility executives in all industry and service sectors whose responsibilities include purchasing, planning and approving products, services and materials for facility operations.